
Note: The CAS-003 exam is now retired. Please select the replacement exam for your certification. The new exam code is CAS-004.

CAS-003 Exam Dumps - CompTIA Advanced Security Practitioner (CASP) Exam

Question # 57

A vulnerability scan with the latest definitions was performed across Sites A and B.

Match each relevant finding to the affected host. After associating the finding with the appropriate host(s), click the host to select the appropriate corrective action for that finding.

Question # 58

A company has a DLP system with the following capabilities:

• Text examination

• Optical character recognition

• File type validation

• Multilingual translation of key words and phrases

• Blocking of content encrypted with a known cipher

• Examination of all egress points

Despite the existing protections, a malicious insider was able to exfiltrate confidential information. DLP logs show the malicious insider transferred a number of JPEG files to an external host, but each of those files appears as negative for the presence of confidential information. Which of the following are the MOST likely explanations for this issue? (Select TWO)

A. Translating the confidential information from English into Farsi and then into French to avoid detection

B. Scrambling the confidential information using a proprietary obfuscation scheme before sending the files via email

C. Changing the extension of Word files containing confidential information to jpg and uploading them to a file sharing site

D. Printing the documents to TIFF images and attaching the files to outbound email messages

E. Leveraging steganography to hide the information within the JPEG files

F. Placing the documents containing sensitive information into an AES-256 encrypted compressed archive file and using FTP to send them to an outside host

Question # 59

An ICS security engineer is performing a security assessment at a bank in Chicago. The engineer reviews the following output:

Which of the following tools is the engineer using to provide this output?

A. SCAP scanner

B. Shodan

C. Fuzzer

D. Vulnerability scanner

Question # 60

A small company is implementing a new technology that promises greater performance but does not abide by accepted RFCs. Which of the following should the company do to ensure the risks associated with implementing the standard-violating technology are addressed?

A. Document the technology's differences in a system security plan.

B. Require the vendor to provide justification for the product's deviation.

C. Increase the frequency of vulnerability scanning of all systems using the technology.

D. Block the use of non-standard ports or protocols to and from the system.

Question # 61

An organization wishes to implement cloud computing, but it is not sure which service to choose. The organization wants to be able to share files, collaborate, and use applications that are fully managed on a private network. Which of the following types of cloud computing services should the organization implement based on its needs?

A. IaaS

B. SaaS

C. PaaS

D. CaaS

Question # 62

A financial institution has several servers that currently employ the following controls:

* The servers follow a monthly patching cycle.

* All changes must go through a change management process.

* Developers and systems administrators must log into a jumpbox to access the servers hosting the data using two-factor authentication.

* The servers are on an isolated VLAN and cannot be directly accessed from the internal production network.

An outage recently occurred and lasted several days due to an upgrade that circumvented the approval process. Once the security team discovered an unauthorized patch was installed, they were able to resume operations within an hour. Which of the following should the security administrator recommend to reduce the time to resolution if a similar incident occurs in the future?

A. Require more than one approver for all change management requests.

B. Implement file integrity monitoring with automated alerts on the servers.

C. Disable automatic patch update capabilities on the servers.

D. Enhance audit logging on the jump servers and ship the logs to the SIEM.

Question # 63

A company recently developed a new mobile application that will be used to access a sensitive system. The application and the system have the following requirements:

• The application contains sensitive encryption material and should not be accessible over the network

• The system should not be exposed to the Internet

• Communication must be encrypted and authenticated by both the server and the client

Which of the following can be used to install the application on the mobile device? (Select TWO).

A. TPM

B. Internal application store

C. HTTPS

D. USB OTG

E. Sideloading

F. OTA

Question # 64

A consultant is planning an assessment of a customer-developed system. The system consists of a custom-engineered board with modified open-source drivers and a one-off management GUI. The system relies on two-factor authentication for interactive sessions, employs strong certificate-based data-in-transit encryption, and randomly switches ports for each session. Which of the following would yield the MOST useful information?

A. Password cracker

B. Wireless network analyzer

C. Fuzzing tools

D. Reverse engineering principles
